diff options
| author | fence <fence@desu-mail.moe> | 2020-04-27 19:11:03 +0200 |
|---|---|---|
| committer | fence <fence@desu-mail.moe> | 2020-04-27 19:11:03 +0200 |
| commit | cc1e2e8d0f5fa27d051a0a21740a8052b95ce1a5 (patch) | |
| tree | 1e05d7123113a1eb7370df988aa642fe56542838 | |
| parent | 5c7cc109172c84b991fad7eebbdd51e75f0c5382 (diff) | |
| download | pleroma-cc1e2e8d0f5fa27d051a0a21740a8052b95ce1a5.tar.gz | |
requested changes to mongoose_im_controller.ex
| -rw-r--r-- | lib/pleroma/web/mongooseim/mongoose_im_controller.ex | 41 |
1 files changed, 11 insertions, 30 deletions
diff --git a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex index c15b4bfb8..7123153c5 100644 --- a/lib/pleroma/web/mongooseim/mongoose_im_controller.ex +++ b/lib/pleroma/web/mongooseim/mongoose_im_controller.ex @@ -14,7 +14,7 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do plug(RateLimiter, [name: :authentication, params: ["user"]] when action == :check_password) def user_exists(conn, %{"user" => username}) do - with %User{} <- Repo.get_by(User, nickname: username, local: true) do + with %User{} <- Repo.get_by(User, nickname: username, local: true, deactivated: false) do conn |> json(true) else @@ -26,41 +26,22 @@ defmodule Pleroma.Web.MongooseIM.MongooseIMController do end def check_password(conn, %{"user" => username, "pass" => password}) do - user = Repo.get_by(User, nickname: username, local: true) - - state = case user do - nil -> nil - _ -> User.account_status(user) - end - - case state do - :deactivated -> + with %User{password_hash: password_hash, deactivated: false} <- + Repo.get_by(User, nickname: username, local: true), + true <- Pbkdf2.checkpw(password, password_hash) do + conn + |> json(true) + else + false -> conn - |> put_status(:not_found) + |> put_status(:forbidden) |> json(false) - :confirmation_pending -> + _ -> conn |> put_status(:not_found) |> json(false) - - _ -> - with %User{password_hash: password_hash} <- - user, - true <- Pbkdf2.checkpw(password, password_hash) do - conn - |> json(true) - else - false -> - conn - |> put_status(:forbidden) - |> json(false) - - _ -> - conn - |> put_status(:not_found) - |> json(false) - end end end end + |